[Cialug] OpenSSH 6.2
Matthew Nuzum
newz at bearfruit.org
Sun Mar 24 16:41:27 CDT 2013
That's cool, I could see that as being useful for requiring either SSH key OR password + otp (i.e. yubikey or google authenticator).
On Mar 23, 2013, at 11:53 AM, Nicolai wrote:
> Hi all,
>
> OpenSSH 6.2 has just been released which comes with some exciting new
> features. If you can upgrade, that would be a good idea. The most
> important/interesting features IMO are:
>
> * encrypt-then-mac (finally)
> * AES-GCM (although this is debatable)
> * multiple authentication via AuthenticationMethods
>
> The description of multiple authentication is as follows:
>
> * sshd(8): Added support for multiple required authentication in SSH
> protocol 2 via an AuthenticationMethods option. This option lists
> one or more comma-separated lists of authentication method names.
> Successful completion of all the methods in any list is required for
> authentication to complete. This allows, for example, requiring a
> user having to authenticate via public key or GSSAPI before they
> are offered password authentication.
>
> Or another example would be requiring combined use of an SSH key and
> yubikey.
>
> Nicolai
> _______________________________________________
> Cialug mailing list
> Cialug at cialug.org
> http://cialug.org/mailman/listinfo/cialug
More information about the Cialug
mailing list